propppd.conf(5)                 ProL2TP Manual                 propppd.conf(5)

       propppd.conf - ProPPP configuration file

       This document describes the configuration file syntax of ProPPP.

       A  configuration  file  is  used to setup propppd. It is processed when
       propppd starts up, and again if it receives a SIGHUP signal.

       Parameters are organised in blocks, delimited by braces { }. The  block
       type  and optional name precedes the open brace. Parameters are written
       inside the braces, as a parameter name and value pair.

       block-type "name" {
         param1 value
         param2 "string-value"

       The following block types exist in ProPPP:

           Contains attributes that may be used to control the system behavior
           of  ProPPP,  i.e.  debug  logging  options etc. There is always one
           instance of this object and it has no name.

       system {

           Defines a named PPP profile. More than one profile may be  defined,
           each with a unique name.

       profile "one" {

           Identifies  parameters  to be used when sending or receiving RADIUS

       radius {
         server "server1" {

       This section identifies the parameters available  in  each  block.  The
       default values are suitable for most cases.

           Set  the  log  mask  of individual log message categories which are
           output. Messages are grouped into categories which may be individu-
           ally  controlled.  Debug  may be enabled or disabled for individual
           ppp instances by management commands. Each entry in this block con-
           sists  of a pair of words - the category name and the log mask. The
           following category names are defined:

           event   Log  messages  related  to  event  messages  generated   by

           main    Log messages concerned with internal application state.

           mgmt    Log messages related to management control API usage.

           ppp     Log messages related to the PPP protocol.

           radius  Log messages related to communication with RADIUS servers.

       A  log  mask must be specified for each category. This is one of debug,
       info, notice, warning and error. The  default  for  all  categories  is

           This  block  specifies  parameters of one or more log targets. Cur-
           rently only one log target, main is defined. The main log target is
           either syslog or file, set by a propppd command line option.

                  Set  the verbosity level at which messages are output to the
                  log target. Values match  traditional  Unix  syslog  levels,
                  namely debug, info, notice, warning, error. Default is info.

       A  profile  block  defines  named ppp parameter sets which are combined
       with user-supplied create arguments when establishing new ppp sessions.
       When  ppp  instances  are  created, a profile argument tells propppd to
       lookup the named profile and substitute the arguments contained in that
       profile into the create arguments. A special profile named "default" is
       used if no profile name is given. This may be useful by the administra-
       tor to set default ppp options.

       arg1 arg2 ... argN
               Profile  parameters are specified as whitespace-separated words
               in the same form as  propppctl  create  arguments.  See  propp-

       The  radius block defines parameters for communicating with one or more
       RADIUS servers.

       SERVER name
               The server block contains parameters for communicating  with  a
               named RADIUS server. Multiple servers can be defined.

               server_address address
                      Specifies the IP address of the RADIUS server.

               auth_port number
                      The  port  number  used for RADIUS auth requests sent to
                      this server. If set to 0, no auth requests are  sent  to
                      this server. The default is 1812.

               acct_port number
                      The port number used for RADIUS accounting requests sent
                      to this server. If set to 0, no accounting requests  are
                      sent to this server. The default is 1813.

               secret quoted-string
                      The  secret used by the RADIUS server for authenticating
                      requests. This must match the secret configured  in  the
                      RADIUS server.

               timeout number
                      Sets the number of seconds to wait for a response before
                      retransmitting a RADIUS packet. Default is 1.

               max_retries number
                      Sets how many  times  to  retransmit  a  RADIUS  request
                      before giving up. The default is 3.

               dead_time number
                      Sets the number of seconds to treat a server as unreach-
                      able if it did not respond to max_retries attempts  with
                      a previous request before attempting to use it again for
                      new requests. This is  only  useful  if  more  than  one
                      server is used. Default 60s.

       system {
           log_categories {
               mgmt debug
               event info
               radius debug

           log_targets {
               main {
                   log_level debug

       profile "default" {
           lcp-echo-interval 30

       radius {
           server "local" {
               auth_port 1812
               acct_port 0
               secret "testing123"
               timeout 1
               max_retries 4
               dead_time 60
           server "s1" {
               auth_port 1812
               acct_port 1813
               secret "mysupersecret"
               timeout 1
               max_retries 5
               dead_time 120

       propppd(8), propppctl(1), propppwatch(1)

ProL2TP 2.4.1                     April 2023                   propppd.conf(5)